Buy or Renew
Buy or Renew
NEW: Try the Beta AI Summary feature on posts in the Routing and SD-WAN forum. Click to go to the forum.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4570
Views
12
Helpful
17
Replies

ERR_CONNECTION_TIMED_OUT

Ntuka
Community Member

‎06-24-2025 12:54 AM

Good day.

I created selfservice website on my windows server and i configured VLAN's on my network. Still, I cannot access the website externally. When I use my personal network, I can only access the site when I am connected to the office network. I set the rules on both the firewall and the router to allow traffic, but still, I do not have access. Kindly assist.

Error I get

image.png

Layer 3 routing

image.png

Port forwading

image.png

VLAN's and Routing

image.png

Labels:
0 Helpful
17 Replies 17

ww^
Meraki Community All-Star
Meraki Community All-Star

‎06-24-2025 01:30 AM

Do you get response when you do a nslookup to that dns name?

Does it work when you enter the public ip in the browser?

0 Helpful

Ntuka
Community Member
In response to ww^

‎06-24-2025 01:39 AM

When i run nslookup it does respond

image.png

but when i enter publick ip it does not repond

0 Helpful

JonoM
Meraki Employee All-Star
Meraki Employee All-Star

‎06-24-2025 01:51 AM

Based on your nslookup results, it looks like there is only a private IP address (192.168.1.241/243) being advertised via DNS.Is it possible this was taken on your local LAN?

If you are seeing a public address when performing an nslookup on an external network (from home for example), do you see the public IP address of your firewall?

If you take packet captures on the WAN interface of your MX appliance and then try to access this resource externally, do you see the request being sent by your external client? Does the traffic match the port forwarding rule you have configured, with regards to port number and IP addressing?

If you found this post helpful, please give it kudos. If my answer solved your problem, click "accept as solution" so that others can benefit from it.

Ntuka
Community Member
In response to JonoM

‎06-24-2025 03:43 AM

Yes, i did the run the lookup on my network and when i run it using external network it times out

0 Helpful

CMR
Meraki Community All-Star
Meraki Community All-Star
In response to Ntuka

‎06-24-2025 04:50 AM

@Ntuka your public DNS record points as below, is that the WAN IP of the Meraki MX?

image.png

If my answer solves your problem please click Accept as Solution so others can benefit from it.
0 Helpful

Nicolas Rennetaud
Level 3
Level 3

‎06-24-2025 03:17 AM

Hi,

As Jono said, verify your dns records, it seems you have a mistake in your DNS configuration.

I tried to nslookup from the outside and I have the same result as you with the private IP address. As understanding, we should have a public IP (related to your MX WAN IP).

By the way, if you access directly to the MX WAN IP address, do you have an answer ?

0 Helpful

Ntuka
Community Member
In response to Nicolas Rennetaud

‎06-24-2025 03:47 AM

Hi,

my DNS records are poiting to the server that is hosting the website

image.png

0 Helpful

Nicolas Rennetaud
Level 3
Level 3

‎06-24-2025 03:54 AM

Yes that's the point, if you want to access it from the outside of your network, you will need to point these records to the public IP (where you did the port forwarding).

This IP address is the WAN IP of your MX. You can find it in Security & SD-WAN / Appliance Status, look at the WAN1 section. By the way, the first test to do is to put this IP address in your browser to check if your port forwarding rules are working correctly.

Also, you'll have to confirm that your MX is directly connected to your ISP and hosting the public IP (not connected behind a router for example).

Let us know about your tests.

0 Helpful

Ntuka
Community Member
In response to Nicolas Rennetaud

‎06-24-2025 04:28 AM

Hi,

I did change the records to point to the public IP, but it still does not go to the self-service site.

the self-service site uses the following ports, which are set correctly:

443

9443

1433

9143

8943

image.png

Ntuka
Community Member
In response to Nicolas Rennetaud

‎06-24-2025 04:30 AM

Hi,

my DNS records are poiting to the server that is hosting the website

image.pngimage.png

0 Helpful

chricao
Cisco Employee
Cisco Employee
In response to Ntuka

‎06-24-2025 05:10 PM

Is the public IP 160.226.217.132 is configured on the WAN side of your MX or in the same subnet of MX WAN IP? If yes, you can easily check this by sending a session toward your server url and perform a packet capture on the WAN port of the MX to understand if the MX receives the client traffic or not.

If you found this post helpful, please give it kudos. If my answer solved your problem, click "accept as solution" so that others can benefit from it.

Ntuka
Community Member
In response to chricao

‎06-24-2025 11:48 PM

Hi,

The public IP is configured on the WAN side of the MX, and all packets are lost when I send the session from the server to the public IP and vice versa.

0 Helpful

Nicolas Rennetaud
Level 3
Level 3

‎06-25-2025 12:28 AM

Hi Ntuka,

As we already know your public IP address, would you share appliance status page with wan uplinks status ?

Also, you enabled port forwarding on both uplinks which could cause some issues if you don't have active/backup upstream routers.

Ntuka
Community Member
In response to Nicolas Rennetaud

‎06-25-2025 12:39 AM

image.png

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card